Verification Of Mainframe Started tasks that require UID(0) zero
Start task DESCRIPTION
BBI PASS MANAGER
CA7
OMVS/CRON (task scheduler)
Kernal Daemon for FTP
Orcale10g MFRS DBASE SERVICES
Orcale10g MFRT DBASE SERVICES
Orcale10g MVRP DBASE SERVICES
z/OS TCP/IP STC
ORACLE10G SYT STC ACID
TCPIP POLICY AGENT
Mainview
NETMASTER Report Center
BATCH/DASD VOLUME CONFIG-DEFRAG
CA7 PROD CONTROL
SSH TECTIA SERVER
WILYZOS STC – CA CROSS Enterprise APM agent
ZFS ACID (omvs zs file system manager)
Release : 16.0
Component : CA TOP SECRET
The requirement for UID(0) is not a Top Secret requirement. It is product specific. For the Broadcom products in the list:
CA7
CA7 PROD CONTROL
NETMASTER Report Center
** There isn't anything in the CA WORKLOAD AUTOMATION CA 7® EDITION 12.1 documentation where UID(0) is required. Here are the commands for Top Secret:
CA Workload Automation CA 7 Edition requires an ACID definition to execute under CA Top Secret® security. This definition identifies CA WA CA 7 Edition as a started task, names the procedure from which CA WA CA 7 Edition executes, and associates the CA WA CA 7 Edition facility with the CA WA CA 7 Edition ACID.
This command has the following format:
TSS CREATE(acid) NAME('CA 7 ONLINE ACID') FAC(STC,BATCH) +
TYPE(USER) PASS(NOPW) DEPT(dept) MASTFAC(CA7)
TSS PERMIT(acid) ACID(acid1)
Where acid1 is one of the acids that you want to use for scheduled batch jobs through CA WA CA 7 Edition. Do this for each acid that is used for scheduled batch jobs through CA WA CA 7 Edition.
Though not recommended, if you want to allow the 'acid' acid to submit jobs under any ACID and not define each separately, add the NOSUBCHK attribute to the 'acid'.
The following command adds the CA WA CA 7 Edition ACID to the CA Top Secret Started Task facility and identifies the CA WA CA 7 Edition procedure name.
TSS ADDTO(STC) PROCNAME(ca7proc) ACID(acid)
Define ICOM to CA Top Secret
The CA Workload Automation CA 7 Edition Independent Communications Manager (ICOM) must also be defined to CA Top Secret®. ICOM handles SMF data for jobs that are submitted through CA WA CA 7 Edition, and therefore requires an ACID to execute in a CA Top Secret secured environment. The following command example may be used to define ICOM to CA Top Secret.
This command has the following format:
TSS CREATE(acid2) NAME('CA 7 ICOM') FAC(STC) TYPE(USER) +
PASS(NOPW) DEPT(dept) MASTFAC(CA7)
TSS PERMIT(acid2) ACID(acid1)
The following command adds the ICOM ACID to the CA Top Secret Started Task Facility and identifies the ICOM procedure name.
TSS ADDTO(STC) PROCNAME(ca7icomproc) ACID(acid2)
Where acid1 is one of the acids that you want to use for scheduled batch jobs through CA WA CA 7 Edition. Do this for each acid that is used for scheduled batch jobs through CA WA CA 7 Edition.
Though not recommended, if you want to allow the 'acid2' acid to submit jobs under any ACID and not define each separately, add the NOSUBCHK attribute to the 'acid2'.
** The CA NETMASTER® SHARED CONTENT LIBRARY 12.2 documentation gives the commands (TSS, ACF2, and RACF) to set up the OMVS segments for region STCs:
Set Up OMVS Segment for Region STCs
The TSS command has UID(nnn), which indicates that 0 is not required.
** For the non Broadcom/CA products, check with the product vendor to see if their respective product requires UID(0) on the region acid.